From 357f0072caac4d9a0bf887393e01007ffd8297f1 Mon Sep 17 00:00:00 2001 From: Erik Skultety Date: Tue, 10 Feb 2015 17:17:35 +0100 Subject: [PATCH] conf: forbid seclabel duplicates for domain devices Parser checks for per-domain seclabel duplicates, so it would be nice if it checked for per-device seclabel duplicates the same way Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1165485 --- src/conf/domain_conf.c | 9 +++++ ...emuxml2argv-seclabel-device-duplicates.xml | 33 +++++++++++++++++++ tests/qemuxml2argvtest.c | 1 + 3 files changed, 43 insertions(+) create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-seclabel-device-duplicates.xml diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 6a57d80b61..7f242f13e6 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -5421,6 +5421,15 @@ virSecurityDeviceLabelDefParseXML(virSecurityDeviceLabelDefPtr **seclabels_rtn, break; } } + + /* check for duplicate seclabels */ + for (j = 0; j < i; j++) { + if (STREQ_NULLABLE(model, seclabels[j]->model)) { + virReportError(VIR_ERR_XML_DETAIL, + _("seclabel for model %s is already provided"), model); + goto error; + } + } seclabels[i]->model = model; } diff --git a/tests/qemuxml2argvdata/qemuxml2argv-seclabel-device-duplicates.xml b/tests/qemuxml2argvdata/qemuxml2argv-seclabel-device-duplicates.xml new file mode 100644 index 0000000000..0ba26b6589 --- /dev/null +++ b/tests/qemuxml2argvdata/qemuxml2argv-seclabel-device-duplicates.xml @@ -0,0 +1,33 @@ + + QEMUGuest1 + c7a5fdbd-edaf-9455-926a-d65c16db1809 + 219100 + 219100 + 1 + + hvm + + + + destroy + restart + destroy + + /usr/bin/qemu + + + + + + + +
+ + + + + + + + + diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index f864c2a105..395cab3d91 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -1302,6 +1302,7 @@ mymain(void) DO_TEST("seclabel-none", QEMU_CAPS_NAME); DO_TEST("seclabel-dac-none", QEMU_CAPS_NAME); DO_TEST_PARSE_ERROR("seclabel-multiple", QEMU_CAPS_NAME); + DO_TEST_PARSE_ERROR("seclabel-device-duplicates", QEMU_CAPS_NAME); DO_TEST("pseries-basic", QEMU_CAPS_CHARDEV, QEMU_CAPS_DEVICE, QEMU_CAPS_NODEFCONFIG);